CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8704 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8704
27 Sep 2019 — An authentication issue was addressed with improved state management. This issue is fixed in tvOS 13. A local user may be able to leak sensitive user information. Un problema de autenticación fue abordado mejorando la gestión del estado. Este problema es corregido en tvOS versión 13. • https://support.apple.com/HT210604 • CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8760 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8760
27 Sep 2019 — This issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may authenticate via Face ID. Este problema fue corregido mejorando los modelos de aprendizaje automático de Face ID. Este problema fue corregido en iOS versión 13. • https://support.apple.com/HT210606 • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8727 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8727
27 Sep 2019 — A logic issue was addressed with improved state management. This issue is fixed in iOS 13. Visiting a malicious website may lead to address bar spoofing. Un problema lógico fue abordado mejorando la gestión del estado. Este problema es corregido en iOS versión 13. • https://support.apple.com/HT210606 •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8742 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8742
27 Sep 2019 — The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13. A person with physical access to an iOS device may be able to access contacts from the lock screen. El problema fue abordado restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema es corregido en iOS versión 13. • https://support.apple.com/HT210606 •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8674 – webkitgtk: Incorrect state management leading to universal cross-site scripting
https://notcve.org/view.php?id=CVE-2019-8674
27 Sep 2019 — A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. Un problema lógico fue abordado mejorando la gestión del estado. Este problema es corregido en iOS versión 13, Safari versión 13. • https://security.gentoo.org/glsa/202003-22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8582 – Apple macOS CoreText Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-8582
24 Jul 2019 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may result in the disclosure of process memory. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema se corrigió en iCloud para Windows versión 7.12, tvOS versión 12.3, iT... • https://support.apple.com/en-us/HT210118 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-8677 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8677
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS versión 12.4,... • https://support.apple.com/HT210346 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-8673 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8673
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS versión 12.4,... • https://support.apple.com/HT210346 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 23%CPEs: 11EXPL: 0CVE-2019-8676 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8676
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS ... • https://support.apple.com/HT210346 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8698 – Apple Security Advisory 2019-7-22-5
https://notcve.org/view.php?id=CVE-2019-8698
22 Jul 2019 — A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in iOS 12.4, tvOS 12.4. A malicious application may be able to restrict access to websites. Se presentó un problema de comprobación en la verificación de los derechos. • https://support.apple.com/HT210346 • CWE-20: Improper Input Validation •